Enterprises defending in isolation cannot ward off modern cyber threats; Faster, more effective threat sharing between industry peers and the government is necessary
FULTON, Md., May 15, 2019
IronNet Cybersecurity released today a new report, “Collective Offense Calls for a Collective Defense: A Reality Check for Cybersecurity Decision Makers” that reveals a large majority of security IT decision makers are ready and willing to share valuable threat intelligence data to help the collective industry make better, more informed decisions when it comes to cyber attacks.
To compile the report, IronNet commissioned survey firm Vanson Bourne to interview 200 U.S. security IT decision makers across many industries including technology, telecommunications, retail, financial services, government, media and utilities. The survey polled respondents—more than half of whom serve in C-level positions—on issues ranging from confidence and efficacy around their cybersecurity solutions and perceived vulnerabilities to Artificial Intelligence (AI) and Machine Learning (ML) investment decisions and attitudes on collective defense and threat sharing.
Key findings include:
Organizations Are Ready for Collective Defense
- The vast majority (94%) of respondents’ organizations currently subscribe to or invest in some form of collective defense, including threat sharing of IPs, file hashes, domains, and other signature-based indicators.
- 94% of respondents stated that their organization would be willing to increase the level of threat sharing with their industry peers if it demonstrably improved their ability to detect threats.
- Similarly, 92% say their organization would be willing to increase sharing with the government if it enabled the government to use political, economic, cyber, or other national-level capabilities to deter cyber attacks.
There’s a Disconnect Between Confidence Levels and Actual Vulnerability and System Maturity
- 55% of IT decision makers noted that they are confident that their cybersecurity capabilities are advanced and stated they are in better shape than others in their industry.
- 85% of respondents are most likely to rate their organization’s cybersecurity technology, systems, and tools as
- In a 12 month span, respondents on average experienced 4 attacks on their organization, with 20% of respondents being hit 6 or more times.
- Nearly a quarter of respondents identified that they are facing issues with each of the following: lack of real-time visibility across industrial control systems and IoT (27%), lack of timely threat intelligence information (25%), and too many cybersecurity tools and poor integration between them (24%).
- Almost 8 in ten respondents stated their organization has had a cybersecurity incident so severe, it has required a C-level/Board meeting after.
AI and ML Investment is Robust, but Maturity is Key to ROI
- Three-quarters (73%) of respondents state that their organization has invested in Artificial Intelligence (AI) or Machine Learning (ML) in the past 12 months.
- Of the 27% of respondents who hadn’t invested in AI or ML in the past 12 months, 35% said their reason was that they were simply unsure of the value.
According to the report, “It no longer takes a nation-state to mount a nation-state-grade cyber attack. Threat actors are increasingly sharing techniques and best (or worst) practices to make their attacks more profitable for themselves and more damaging to organizations. Collective offense is testing the integrity of cyber defenses everywhere.”
To review the full report findings, please visit: www.ironnet.com
About IronNet Cybersecurity
Founded in 2014, IronNet Cybersecurity is a global cybersecurity leader that is revolutionizing how enterprises, industries, and governments secure their networks. IronNet takes the skills of its top-notch cybersecurity operators with their real-world, public and private sector, offensive and defensive cyber experience, and integrates their deep tradecraft knowledge into its industry-leading products to solve the most challenging cyber problems facing industry today. IronNet is headquartered in Fulton, MD, with major offices in Tysons, VA and Frederick, MD. Learn more about IronNet Cybersecurity at https://www.ironnet.com or follow us on Twitter at @IronNetCyber.